Similar Py2exe software can really protect the python source? background
Recently wrote a tool used to automate cryptographic processing of string constants for C + + files in a project, written in Python, with good tools, so plan to promote within the company. In order to prevent code leakage is considered not to use direct to the source code, and Python binary scripts PYc and PYO, although not the source, but can be uncompyle2 directly through the source code. Through the online data found that there are windows under the Py2exe, Mac Py2app and cross-platform Pyinstaller tools can be packaged Python script executable files, the first response should meet the needs, but some do not trust, so personally tried and analyzed these tools.
Pyexe
This tool is used to package Python scripts and Python interpreters into executables under Windows. This can be run on a machine that does not have Python installed. After packing, there will be a library.zip packed file, 1
It contains dependent modules and packaged modules, all PYC storage, so it is easy to get the source code through Uncompyle2. So basically is 0 protection.
Cross-platform Tools Pyinstaller
Using these tools, you find the tool more powerful. The packaged executable does not depend on Python and can be run directly on a machine that does not have Python installed. Executables that are to be generated for different systems must be packaged on the corresponding system and not run across platforms at once.
The tool can be packaged as a directory or as an executable file, many of the online tutorials I will not introduce. But packaged into a file when the actual execution of the first will be extracted into a directory, and then to run, so a file is essentially a directory of compressed storage. The tool provides an interface to encrypt the module using AES.
The tool packs a system-independent section into a file in the CArchive format (similar to zip) and puts the file at the end of the generated executable file. Pyinstaller provides tools pyi-archive_viewer for viewing, 2 shows,
The key documents listed in the above diagram are described below.
Out00-pyz.pyz
Save the module that the package depends on, similar to the above Library.zip, which belongs to the zlibarchive format, as shown in 3,
As you can see, the Table of Contents section contains the module name, offset and length in the file. This information can be used to get the contents of the module, the content is compressed, need to use zlib decompression. Pyi-archive_viewer can also view the above information. As shown in 4.
Pyimod00_crypto_key
When the AES encryption option is used, the file is the PYC format file, and the content obtained using Uncompyle2 is shown in Figure 5,
As you can see, there is only one key, which is actually the key that I use for AES encryption, so this key is equivalent to plaintext storage.
Dealproject
This file is the Python source code file I processed, he is directly in the form of the source.
It can be seen that although Pyinstaller is more complex than Py2exe, it is also very easy to get the source code. Py2app
Also on the Mac on the tool was tested, found that the Py2app packaged program also has the same problem, and no longer run on Python machine, processing files are in the form of source code, the other files are packaged in the PYC format in the compressed file.
Summarize
Through the current mainstream packaging software, they just provide a Python script to be packaged as an executable to run on a machine that does not have Python, and does not protect the Python script, you can easily get the source code. Currently understand the solution has Cython,cython is a python superset, he will first convert the Python code into C code, and then through the C compiler to build the executable file, this will overcome the above occurrence, and can call C library functions, which improves the performance of the program, and add code security, it is a good solution.
Transferred from: http://blog.csdn.net/liwugang43210/article/details/50096875
Other:
AskHow to encrypt Python source code?
PHP can use Zend Guard to encrypt the source code and then publish it for use.
To know if Python has a similar encryption tool, the encrypted code can still be run.
Publish the Python source code to compile the generated PYc file just fine.
python -m py_compile src.py
http://my.oschina.net/wizardpisces/blog/107445
In fact, the encryption is very simple, modify the Python virtual machine code, for the compilation of the PYc part of the virtual code, or to change a few. No one else can die. This method comes from (Yun Feng's book < My programming sentiment >)
The disadvantage is also obvious, and you must use your own modified Python virtual machine when executing.
At best, it's just confusing, and it's impossible to get to the true meaning of encryption, which is inherently true of interpretive languages.
This python obfuscation can be used to encrypt the device.
Encryption effect is not reversible, do not hand means such as PYC, compiled into EXE or even modify bytecode are better to restore.
Python is at most the same as previously said to be confused, want to real encryption temporarily did not find God horse good solution
Compile the core code into an OS file using Cython (note: or Python syntax).
"Turn" similar to Py2exe software can really protect the Python source code?